Static task: static1
Behavioral task: behavioral1
Sample: 3a87b740c3ea699534f9f36caa410faef1c493a72d5e60eaf02c925aceb4c127.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 3a87b740c3ea699534f9f36caa410faef1c493a72d5e60eaf02c925aceb4c127.exe
Resource: win10v2004-20220901-en
General
Target: 3a87b740c3ea699534f9f36caa410faef1c493a72d5e60eaf02c925aceb4c127
Size: 556KB
MD5: a0a7e111539450af740dec206fcaf212
SHA1: 160f0e4c7552e34fef6f35a8502f9692d20f2720
SHA256: 3a87b740c3ea699534f9f36caa410faef1c493a72d5e60eaf02c925aceb4c127
SHA512: da5e242372988564f9a024f5557764698bf909fefa18f299264b24754bcc6af2db9b373836bf50002dfd25b43bba5bc5ea5a815d4a92475484a4b10c8e8dc101
SSDEEP: 12288:IqMMnMMMMMTi78lJp4YkV7DbHfMqA9gXCtwU4NJ5e5Be4aO:IqMMnMMMMMTi78lJiYk1HHfMqFU4NW5B
Malware Config
Signatures
Files
3a87b740c3ea699534f9f36caa410faef1c493a72d5e60eaf02c925aceb4c127.exe windows x86
1fe5b8823b974e3192ee5d0daf92f4be
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAConnect
advapi32
RegDeleteKeyW
RegOpenKeyExA
RegQueryValueExW
RegQueryValueExA
RegEnumKeyW
RegEnumValueW
DeregisterEventSource
RegEnumKeyA
InitializeSecurityDescriptor
RegDeleteKeyA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueA
RegisterEventSourceA
SetSecurityDescriptorDacl
RegQueryInfoKeyA
RegDeleteValueW
RegCreateKeyA
RegDeleteValueA
RegEnumValueA
RegOpenKeyA
RegSetValueExA
RegSetValueExW
RegCloseKey
ReportEventA
RegOpenKeyW
RegCreateKeyW
RegSetValueA
ddraw
DirectDrawEnumerateA
olecli32
OleClone
ole32
OleConvertOLESTREAMToIStorage
ProgIDFromCLSID
OleCreateLinkFromData
CreateOleAdviseHolder
OleDoAutoConvert
OleRun
StgCreateDocfile
ReadClassStm
OleGetIconOfClass
OleUninitialize
StgIsStorageILockBytes
CoUnmarshalInterface
BindMoniker
OleInitialize
OleRegGetUserType
CLSIDFromProgID
OleDestroyMenuDescriptor
CoGetMalloc
OleCreateLinkToFile
CreateStreamOnHGlobal
ReadClassStg
CLSIDFromString
StringFromGUID2
CreateDataAdviseHolder
DoDragDrop
OleSaveToStream
OleCreateLink
StgCreateDocfileOnILockBytes
OleCreateFromData
OleDuplicateData
OleCreateFromFile
OleGetAutoConvert
RegisterDragDrop
OleLockRunning
OleQueryCreateFromData
CoLockObjectExternal
IIDFromString
OleSetMenuDescriptor
OleLoad
CoIsOle1Class
CreateBindCtx
CoGetClassObject
IsAccelerator
CoRevokeClassObject
CoCreateInstance
RevokeDragDrop
OleTranslateAccelerator
MkParseDisplayName
OleLoadFromStream
OleSetClipboard
CoDisconnectObject
CoRegisterMessageFilter
OleSave
StgOpenStorageOnILockBytes
OleFlushClipboard
StgOpenStorage
OleConvertIStorageToOLESTREAM
GetClassFile
OleIsRunning
ReleaseStgMedium
OleIsCurrentClipboard
CoMarshalInterface
StringFromCLSID
OleCreateMenuDescriptor
OleGetClipboard
OleQueryLinkFromData
CoFreeUnusedLibraries
CoRegisterClassObject
CreateILockBytesOnHGlobal
WriteClassStg
user32
DrawFrameControl
DdeSetUserHandle
CharLowerBuffA
GetCursor
GetCursorPos
ScreenToClient
LoadImageA
GetWindowRect
GetMenu
DrawTextA
GetForegroundWindow
DdeCreateStringHandleA
SetCapture
SetWindowsHookExW
MessageBoxIndirectA
OemToCharA
DestroyWindow
InflateRect
SetWindowsHookExA
GetSubMenu
BeginPaint
GetClientRect
GetMessageTime
CharLowerA
IsZoomed
ModifyMenuA
SetDlgItemTextA
EnableWindow
CreateMenu
SetActiveWindow
CharToOemBuffA
CreateIcon
GetUpdateRgn
SetParent
GetAsyncKeyState
AdjustWindowRect
keybd_event
SetPropA
PeekMessageA
SendDlgItemMessageA
GetClipboardData
DefWindowProcA
IntersectRect
ClipCursor
CreateCursor
WinHelpA
RemovePropA
DialogBoxParamA
CopyAcceleratorTableA
DestroyCursor
DrawIcon
GetDlgItem
SetKeyboardState
UnregisterClassA
DestroyAcceleratorTable
CallNextHookEx
SetWindowRgn
RegisterClipboardFormatA
SetMenu
PtInRect
FindWindowA
DestroyCaret
DdePostAdvise
PostMessageW
GetClassInfoA
DispatchMessageA
GetFocus
GetMessagePos
DdeFreeStringHandle
IsChild
PostQuitMessage
RemoveMenu
HideCaret
BringWindowToTop
CharUpperA
DdeNameService
CreateDialogParamA
DestroyMenu
EmptyClipboard
IsWindow
SetRect
GetCapture
GetKeyboardState
InsertMenuA
GetUpdateRect
InvalidateRect
MsgWaitForMultipleObjects
DeleteMenu
CloseClipboard
EndPaint
AdjustWindowRectEx
EnableMenuItem
EndDialog
IsIconic
LoadCursorA
TabbedTextOutA
GetTabbedTextExtentA
IsRectEmpty
FillRect
SetWindowTextA
GetQueueStatus
PostMessageA
CreatePopupMenu
RegisterClassA
SetScrollInfo
TrackPopupMenu
OpenClipboard
DefMDIChildProcA
SendMessageA
InvalidateRgn
EqualRect
GetDoubleClickTime
FindWindowW
GetSysColor
AppendMenuA
GetWindowTextLengthA
ShowCursor
GetWindowRgn
GetSystemMetrics
GetParent
KillTimer
DdeClientTransaction
MoveWindow
VkKeyScanA
GetSystemMenu
UnhookWindowsHookEx
MessageBeep
GetDesktopWindow
GetClassInfoExA
DdeGetData
IsWindowEnabled
EnumClipboardFormats
WaitMessage
PeekMessageW
CharLowerBuffW
CopyRect
LoadIconA
GetWindowTextA
SetClipboardData
LockWindowUpdate
CreateCaret
DrawFocusRect
DeferWindowPos
GetScrollPos
SetMenuItemInfoA
CheckMenuItem
wsprintfA
DdeDisconnect
EnumThreadWindows
DdeInitializeA
RegisterClassExA
GetCaretPos
GetKeyboardLayout
GetWindowLongA
CharNextA
ShowScrollBar
SetCursor
GetLastActivePopup
GetMenuState
SetWindowContextHelpId
GetKeyState
GetMenuItemCount
DestroyIcon
GetCaretBlinkTime
DdeUninitialize
SetForegroundWindow
SetScrollPos
MessageBoxA
IsCharAlphaA
DdeAbandonTransaction
TranslateMDISysAccel
GetActiveWindow
OffsetRect
GetMenuStringA
CallWindowProcA
SetScrollRange
CreateWindowExA
IsDialogMessageA
GetDCEx
SetCursorPos
GetClipboardFormatNameA
SetFocus
UpdateWindow
FrameRect
DefFrameProcA
GetIconInfo
AttachThreadInput
GetClassNameA
WindowFromPoint
GetMenuItemInfoA
ReleaseDC
SetMenuDefaultItem
TranslateMessage
GetScrollInfo
CharUpperBuffA
DdeGetLastError
PostThreadMessageA
SetWindowPos
DdeQueryStringA
DdeCreateDataHandle
GetWindowThreadProcessId
BeginDeferWindowPos
ReleaseCapture
GetMenuItemID
LoadBitmapA
SetWindowLongA
VkKeyScanW
ClientToScreen
DdeFreeDataHandle
CreateAcceleratorTableA
CharPrevA
GetDC
IsClipboardFormatAvailable
CharUpperBuffW
GetWindow
DdeCmpStringHandles
LoadAcceleratorsA
SubtractRect
WaitForInputIdle
SetTimer
EndDeferWindowPos
IsWindowVisible
ShowWindow
CharToOemA
ShowCaret
SystemParametersInfoA
DdeQueryConvInfo
ToAscii
DdeConnect
LoadStringA
DrawMenuBar
MapWindowPoints
GetPropA
GetWindowDC
SetCaretPos
kernel32
CreateProcessW
GetTempPathA
VirtualQuery
FlushFileBuffers
EnterCriticalSection
DuplicateHandle
Sleep
LoadLibraryExA
GetStartupInfoA
lstrcpyA
lstrcmpiW
GetExitCodeProcess
RtlUnwind
CreateSemaphoreA
CreateEventA
GlobalUnlock
WideCharToMultiByte
SetHandleCount
RemoveDirectoryA
_lread
GlobalSize
GetVersion
GlobalHandle
LockResource
GetCurrentThreadId
TlsGetValue
SetLocalTime
GetCurrentProcess
GetACP
VirtualAlloc
IsBadCodePtr
lstrlenA
CompareStringA
InterlockedIncrement
SetLastError
CreateDirectoryA
CreateProcessA
HeapDestroy
HeapFree
GetDateFormatA
FindFirstFileA
HeapAlloc
TlsFree
lstrcpynA
InterlockedDecrement
GetTempFileNameA
GetSystemInfo
FlushInstructionCache
GetStringTypeA
GetFileTime
GetCurrentProcessId
GetFileAttributesA
LoadResource
GetProcAddress
InitializeCriticalSection
TlsSetValue
SetErrorMode
UnlockFile
GetModuleHandleA
GetSystemDirectoryA
VirtualProtect
CompareStringW
GlobalAddAtomA
MulDiv
VirtualFree
GetModuleFileNameW
GetUserDefaultLCID
ExitThread
CreateThread
UnhandledExceptionFilter
SetFileTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetVersionExA
FormatMessageW
GlobalFree
LoadLibraryA
ResetEvent
LeaveCriticalSection
FormatMessageA
ReleaseSemaphore
CloseHandle
GetCommandLineA
GetShortPathNameA
SetEnvironmentVariableA
WriteFile
ResumeThread
SetCurrentDirectoryA
lstrcatA
IsDBCSLeadByte
GetProfileStringA
TerminateProcess
GetSystemDefaultLCID
SetEvent
SetFilePointer
SearchPathA
GetStdHandle
IsBadReadPtr
FreeLibrary
GetCurrentDirectoryA
GetTickCount
FreeEnvironmentStringsW
FreeResource
GetEnvironmentStringsW
GetOEMCP
FindResourceA
_llseek
GetUserDefaultLangID
_lwrite
FindNextFileA
GetStringTypeExA
GetSystemTime
HeapReAlloc
GlobalReAlloc
GetWindowsDirectoryA
FileTimeToSystemTime
GetCPInfo
WinExec
GlobalDeleteAtom
ReadFile
SetStdHandle
LockFile
LCMapStringA
GetSystemDefaultLangID
GetLocaleInfoA
GetTimeZoneInformation
lstrcmpA
SizeofResource
GetModuleFileNameA
FreeEnvironmentStringsA
GetFileType
HeapSize
GlobalLock
GetStringTypeW
GetFullPathNameA
MultiByteToWideChar
GetLocalTime
RaiseException
lstrcmpiA
GlobalAlloc
FindClose
GetLastError
MoveFileA
DeleteCriticalSection
HeapCreate
TlsAlloc
SetFileAttributesA
CreateFileA
GetVolumeInformationA
LCMapStringW
GetEnvironmentStrings
WaitForSingleObject
SetEndOfFile
GetDriveTypeA
_lclose
DeleteFileA
ExitProcess
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 516KB - Virtual size: 512KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ